The Subcommittee on Financial Institutions and Consumer Credit held a hearing today to thoroughly examine data security vulnerabilities and identify gaps in state and federal data security regulation.

“More than 15 million Americans were victims of cyber fraud or identify theft last year,” said Subcommittee Chairman Blaine Luetkemeyer (R-MO). “While data security has been a hot topic since the latest breach, Equifax isn’t where the problem started and if we don’t act, it isn’t where the problem will end. With each attack more dangerous and more advanced than the last, it is crucial that every aspect of data security is examined. Today’s hearing reiterated that we need to work collaboratively to reduce red tape, create a prompt notification standard, and foster harmonization among federal and state agencies charged with data security regulation. While today’s hearing did not focus on a certain bill, I intend to work with my colleagues to produce data security reform legislation in the near future. This has turned into a crisis, and the American people deserve better.”

Protecting information and systems from major cyber threats, such as cyber theft, cyber terrorism, cyber warfare, and cyber espionage should be a priority for Congress.

Topline Quotes from Witnesses

“The cybersecurity landscape is complex with a wide array of hostile actors, including criminals seeking financial gain, nation states engaged in corporate espionage or worse, and terrorist groups seeking to disrupt markets and create fear. Cybercrime is now a bigger criminal enterprise than the global narcotics trade. The financial services industry is a top target facing tens of thousands of attacks each day. While data breaches of customer information dominate headlines, and are an appropriate concern for policymakers, a major cyberattack on critical financial market infrastructure or one that destroys records and financial data, is a risk with a potentially far larger impact on the economy. While regulation and supervision of cyber preparedness has an important role in the collective cyber defense effort, the emergence of many regulations from multiple regulators may lead to a suboptimal balance of industry resources devoted to compliance versus security.” – Kenneth E. Bentsen, Jr., President and CEO, SIFMA

“This is not a problem that we as an industry can fix on our own. What is so frustrating is that there is no amount of money we can spend to protect our consumers from being targeted by these criminals. The only thing that will help is to increase awareness so that our customers can help protect themselves.” – Daniel Mennenoh, President, H.B. Wilkinson Title Company

“Data security, ensuring member safety, and how to incentivize and emphasize data safekeeping in every link of the payments chain is a top challenge facing the credit union industry today. Given the breadth and scope of many data breaches, we have reached a tipping point in the public dialogue about how to tackle these issues. NAFCU member credit unions and the 110 million credit union members across the country are looking to Congress to address data security issues and move forward with meaningful legislation that will make a difference to consumers.” – Debra Schwartz, President & CEO, Mission Federal Credit Union